Title: [opsview] [11854] Fix for corrupt session cookies not being caught correctly
- Revision
- 11854
- Author
- tvoon
- Date
- 2013-03-19 01:43:41 +0000 (Tue, 19 Mar 2013)
Log Message
Fix for corrupt session cookies not being caught correctly
Modified Paths
Modified: trunk/opsview-web/lib/Opsview/Web/Controller/Root.pm
===================================================================
--- trunk/opsview-web/lib/Opsview/Web/Controller/Root.pm 2013-03-19 01:19:07 UTC (rev 11853)
+++ trunk/opsview-web/lib/Opsview/Web/Controller/Root.pm 2013-03-19 01:43:41 UTC (rev 11854)
@@ -35,6 +35,7 @@
use Opsview::Utils;
use Utils::Weberrors;
use Opsview::Utils::Network qw(ipanyto4);
+use Try::Tiny;
__PACKAGE__->mk_accessors(
qw/start_url languages authtkt_ignoreip always_show_welcome_page/);
@@ -57,6 +58,20 @@
$h->{$n}->value( \@vals );
}
+ # If there is a corrupt opsview_web_session cookie, then $c->user_exists
+ # will cause a Catalyst::Exception which stops processing in the current sub,
+ # but continues in the rest of the Catalyst actions. This
+ # can cause unexpected errors. We catch this by checking here very early on
+ # so subsequent user_exists will work correctly
+ try {
+ $c->user_exists;
+ }
+ catch {
+ $c->log->warn( "Got corrupted session: $_" );
+ $c->error( "Tried to set invalid session ID" );
+ $c->detach( "/soft_error" );
+ };
+
my $f = {};
$c->stash( functions => $f );
$c->stash->{stylesheets} = [];
_______________________________________________
Opsview-checkins mailing list
Opsview-checkins@lists.opsview.org
http://lists.opsview.org/lists/listinfo/opsview-checkins
